Package org.dspace.app.rest.security

Class AnonymousAdditionalAuthorizationFilter

java.lang.Object

org.springframework.web.filter.GenericFilterBean

org.springframework.web.filter.OncePerRequestFilter

org.springframework.security.web.authentication.www.BasicAuthenticationFilter

org.dspace.app.rest.security.AnonymousAdditionalAuthorizationFilter

All Implemented Interfaces:

jakarta.servlet.Filter, Aware, BeanNameAware, DisposableBean, InitializingBean, EnvironmentAware, EnvironmentCapable, ServletContextAware

public class AnonymousAdditionalAuthorizationFilter
extends BasicAuthenticationFilter

This is a Filter class that'll fetch special groups from the AuthenticationService and set these in the current DSpace Context. It'll do extra processing on anonymous requests to see which authorizations they can implicitly have and adds those This will allow us to for example set a specific Group to a specific IP so that any request from that IP is always treated as being a part of the configured group. The configuration for the authentication through ip can be found in authentication-ip.cfg This can be enabled by uncommenting the IPAuhentication plugin in authentication.cfg

Field Summary

Fields inherited from class org.springframework.web.filter.OncePerRequestFilter

ALREADY_FILTERED_SUFFIX

Fields inherited from class org.springframework.web.filter.GenericFilterBean

logger

Constructor Summary

Constructors

Constructor	Description
AnonymousAdditionalAuthorizationFilter(AuthenticationManager authenticationManager, AuthenticationService authenticationService)	Constructor for the class

Method Summary

Modifier and Type	Method	Description
protected void	doFilterInternal(jakarta.servlet.http.HttpServletRequest req, jakarta.servlet.http.HttpServletResponse res, jakarta.servlet.FilterChain chain)

Methods inherited from class org.springframework.security.web.authentication.www.BasicAuthenticationFilter

afterPropertiesSet, authenticationIsRequired, getAuthenticationEntryPoint, getAuthenticationManager, getCredentialsCharset, isIgnoreFailure, onSuccessfulAuthentication, onUnsuccessfulAuthentication, setAuthenticationConverter, setAuthenticationDetailsSource, setCredentialsCharset, setRememberMeServices, setSecurityContextHolderStrategy, setSecurityContextRepository

Methods inherited from class org.springframework.web.filter.OncePerRequestFilter

doFilter, doFilterNestedErrorDispatch, getAlreadyFilteredAttributeName, isAsyncDispatch, isAsyncStarted, shouldNotFilter, shouldNotFilterAsyncDispatch, shouldNotFilterErrorDispatch

Methods inherited from class org.springframework.web.filter.GenericFilterBean

addRequiredProperty, createEnvironment, destroy, getEnvironment, getFilterConfig, getFilterName, getServletContext, init, initBeanWrapper, initFilterBean, setBeanName, setEnvironment, setServletContext

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

AnonymousAdditionalAuthorizationFilter

public AnonymousAdditionalAuthorizationFilter(AuthenticationManager authenticationManager,
 AuthenticationService authenticationService)

Constructor for the class

Parameters:

authenticationManager - The relevant AuthenticationManager

authenticationService - The autowired AuthenticationService

Method Details

doFilterInternal

protected void doFilterInternal(jakarta.servlet.http.HttpServletRequest req,
 jakarta.servlet.http.HttpServletResponse res,
 jakarta.servlet.FilterChain chain)
                         throws IOException,
jakarta.servlet.ServletException

Overrides:

doFilterInternal in class BasicAuthenticationFilter

Throws:

IOException

jakarta.servlet.ServletException